Company Overview

We are a growing technology-driven organization with approximately 180 users and multiple cloud-based systems. While we rely on outsourced IT partners for support, we are strengthening our internal capabilities in IT management, governance, cloud security, and information systems oversight.

We are seeking a proactive IT Engineer (Cloud, Security & Governance) to support day-to-day IT operations and drive structured improvements across our cloud and information systems landscape. This role is ideal for someone with strong technical capability, organizational discipline, and security awareness, who is eager to contribute to cloud governance, IT security, and ISMS compliance frameworks.

Key Responsibilities

1. IT Operations & Vendor Coordination

• Serve as the first internal point of contact for IT-related issues, coordinating with outsourced IT providers to ensure smooth resolution.
• Monitor IT service requests and follow up to ensure SLAs are achieved.
• Support user onboarding/offboarding, access provisioning, and device setup.
• Maintain IT asset inventories (hardware, software, and cloud accounts).

2. Cloud Systems Governance & Documentation

• Conduct a full review of existing cloud platforms (e.g., Microsoft 365, Azure, AWS, Google Workspace, and other SaaS applications).
• Map current accounts, permissions, and configurations, identifying security and compliance gaps.
• Create and maintain cloud governance documentation, including:

1. System ownership and responsibilities
2. Access control policies and procedures
3. Configuration and change management standards
4. Data retention and backup procedures

• Establish procedures for ongoing governance, monitoring, and reporting.
• Develop and implement a Cloud Governance Framework that ensures consistency and control across all platforms.

3. IT Security & Compliance

• Support the ongoing implementation and maintenance of the Information Security Management System (ISMS) in line with ISO 27001.
• Assist in managing access reviews, risk assessments, and corrective actions.
• Monitor endpoint protection, patch management, and device compliance.
• Help define and document security controls for authentication, MFA, encryption, and data protection across cloud systems.
• Support internal and external security audits by maintaining evidence and tracking remediation.

4. Policy, Process & Continuous Improvement

• Draft and maintain IT and security policies, including acceptable use, cloud management, device management, and change control.
• Create procedural documents for IT service delivery and cloud operations.
• Support awareness training initiatives to build security culture among users.
• Proactively identify areas for improvement in IT operations, governance, and compliance processes.

5. Collaboration & Reporting

• Liaise with vendors and internal stakeholders to ensure IT systems align with business and compliance needs.
• Provide regular reports on IT and cloud system health, risks, and improvement initiatives.
• Work closely with the VP of Information Systems to deliver on the IT governance and security roadmap

Qualifications & Experience

• 4/5 years’ experience in IT support, IT administration, or system/cloud management.
• Experience working with cloud environments (Microsoft 365, Google Workspace, AWS, or Azure)
• Understanding of information security principles, risk management, and compliance frameworks (ISO 27001, GDPR, NIST).
• Hands-on experience with vulnerability management, patch control, and endpoint security.
• Strong documentation, process mapping, and reporting skills.
• Experience managing or coordinating outsourced IT vendors or MSPs.
• Excellent communication, organization, and analytical skills.

Desirable Education and Accreditations:

Bachelor’s degree (or equivalent) in Information Technology, Computer Science, Information Systems, or Cybersecurity.

Certifications such as:

• ITIL® Foundation (v4) – for IT service management and governance
• CompTIA Security+ or (ISC)² Certified in Cybersecurity (CC)
• Microsoft Certified: Google Cloud Digital Leader
• Microsoft SC-900: Security, Compliance & Identity Fundamental
• CIPP/E, CGRC or CRISC, Microsoft 365 Certified: Administrator / Fundamentals, or similar.
• ISO/IEC 27001 Advanced Risk & Implementer Training